Script 10.2
Delete User
Name: 739___***
<, 943___***
Yes No
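<?php //script 10.2 delete user
//
// Deletes one row from site_users after an explicit Yes/No confirmation.
// The user ID arrives via GET (link from view_users.php), via POST (the
// confirmation form), or is chosen from a dropdown when neither is present.
//
// Hardening applied in this version:
//  - the ID is validated as a positive integer (is_numeric() also accepts
//    values such as "1e5", "1.5" or " 7", which are not valid row IDs);
//  - the DELETE and the lookup SELECT use prepared statements;
//  - names read from the database are HTML-escaped before output, since
//    they are user-supplied at registration time;
//  - database errors and query text go to the server log, not to the page;
//  - nothing past the dropdown runs unless a valid ID was actually found.
//
// NOTE(review): no authentication/authorization check and no anti-CSRF token
// are visible in this script. Confirm that header.php restricts this page to
// administrators, and add a per-session token to the confirmation form so the
// delete cannot be triggered by a forged cross-site POST.

include (CHAPTER_PATH.'/'.$chapter.'/includes/header.php');

// connect to the db
require(CONNECT);

echo "<div id='content'>";
echo '<h1>Delete User</h1>';

// Get a valid user ID, through GET or POST or Select.
// filter_var() returns an int on success and false otherwise (including
// when the parameter was sent as an array).
$intOptions = ['options' => ['min_range' => 1]];
$getId = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT, $intOptions) : false;
$postId = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT, $intOptions) : false;

if ($getId !== false) { // From view_users.php
    $id = $getId;
} elseif ($postId !== false) { // Form submission.
    $id = $postId;
} else { // No valid ID, select one from the dropdown.

    // Get all customer names to populate the dropdown menu.
    // The query text is constant, so no parameters need binding here.
    $q = "SELECT CONCAT_WS(', ',last_name, first_name) AS customer, DATE_FORMAT(registration_date, '%M %d, %Y') AS dr, user_id AS id FROM site_users ORDER BY last_name ASC";

    $r = false;
    try {
        $r = mysqli_query($link, $q);
    } catch (mysqli_sql_exception $e) {
        // mysqli throws instead of returning false when exception mode is on.
        error_log('delete_user: customer list query failed: ' . $e->getMessage());
    }

    if ($r) {
        echo "<form action='' method='post' ><p><label for='c'>Select Customer to Delete</label>";
        echo "<select id='c' name='id'>";
        while ($row = mysqli_fetch_assoc($r)) {
            // Escape everything that came from the database before it reaches HTML.
            $optionId = (int) $row['id'];
            $optionLabel = htmlspecialchars((string) $row['customer'], ENT_QUOTES, 'UTF-8');

            echo "<option";
            // NOTE(review): this form has no field named 'customer', so this
            // comparison looks like it can never match; kept as in the original.
            echo (isset($_POST['customer']) && $_POST['customer'] == $row['customer']) ? ' selected' : '';
            echo " value='$optionId'>$optionLabel</option>";
        }
        echo "</select></p><input type='submit' value='Select'/></form>";
    } else {
        echo "We are experiencing technical difficulties. Try back later.";
    }
}

// Continue only when a validated ID exists. The original also entered this
// branch on any POST, which built queries from an undefined $id.
if (isset($id)) {

    if (isset($_POST['sure'])) {

        if ($_POST['sure'] === 'Yes') { // Delete the record.

            $deleted = false;
            try {
                // $id is bound as an integer parameter, never spliced into the SQL text.
                $stmt = mysqli_prepare($link, 'DELETE FROM site_users WHERE user_id=? LIMIT 1');
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, 'i', $id);
                    if (mysqli_stmt_execute($stmt)) {
                        $deleted = (mysqli_stmt_affected_rows($stmt) == 1);
                    } else {
                        error_log('delete_user: DELETE failed: ' . mysqli_stmt_error($stmt));
                    }
                    mysqli_stmt_close($stmt);
                } else {
                    error_log('delete_user: DELETE prepare failed: ' . mysqli_error($link));
                }
            } catch (mysqli_sql_exception $e) {
                error_log('delete_user: DELETE failed: ' . $e->getMessage());
            }

            if ($deleted) { // If it ran OK.
                // Print a message:
                echo '<p>The user has been deleted.</p>';
            } else { // If the query did not run OK (or matched no row).
                // Public message only; the details were written to the server log above.
                echo '<p class="error">The user could not be deleted due to a system error.</p>';
            }

        } else { // No confirmation of deletion.
            echo '<p>The user has NOT been deleted.</p>';
        }

    } else { // Show the form.

        // Retrieve the user's information:
        $name = null;
        $found = false;
        try {
            $stmt = mysqli_prepare($link, "SELECT CONCAT(last_name, ', ', first_name) FROM site_users WHERE user_id=?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'i', $id);
                if (mysqli_stmt_execute($stmt)) {
                    mysqli_stmt_bind_result($stmt, $name);
                    // mysqli_stmt_fetch() returns true only when a row was read.
                    $found = (mysqli_stmt_fetch($stmt) === true);
                } else {
                    error_log('delete_user: lookup failed: ' . mysqli_stmt_error($stmt));
                }
                mysqli_stmt_close($stmt);
            } else {
                error_log('delete_user: lookup prepare failed: ' . mysqli_error($link));
            }
        } catch (mysqli_sql_exception $e) {
            error_log('delete_user: lookup failed: ' . $e->getMessage());
        }

        if ($found) { // Valid user ID, show the form.

            // Display the record being deleted (escaped: the name is user-supplied data).
            $safeName = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
            echo "<h3>Name: $safeName</h3> Are you sure you want to delete this user?";

            // Create the form. $id is an int at this point, so it is safe in the attribute.
            echo '<form action="" method="post"> <input type="radio" name="sure" value="Yes" /> Yes <input type="radio" name="sure" value="No" checked="checked" /> No <input type="submit" name="submit" value="Confirm" /> <input type="hidden" name="id" value="' . $id . '" /> </form>';

        } else { // Not a valid user ID.
            echo '<p class="error">This page has been accessed in error.</p>';
        }

    }

} // End of the main submission conditional.

// disconnect from the db
require(DISCONNECT);

echo "</div>";
include (CHAPTER_PATH.'/'.$chapter.'/includes/footer.php');
?>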